OT Detection Engineer in Manchester

Our Global Detection Engineering Team provides detection capabilities for various security products used in our 24/7 managed monitoring service with customers all over the world. This role will be to join our detection engineering team, where you will focus on developing the best detections for OT environments utilizing our Network Sensor, supporting our NDR for OT service. You will use our latest Threat Intelligence and your own creativity to write and maintain detection logic for our customers. Previous experience with detection engineering is not a prerequisite. We are looking for a wide range of backgrounds for potential candidates, and the exact responsibilities of any candidate can be tailored given their experience and skill set. Any candidate that only partially matches the skill set is encouraged to apply.

The Opportunity

• Develop, validate, tune and optimise network sensor detection logic specific to OT environments.
• Integrate network telemetry into SIEM and SOAR platforms.
• Support client‑facing teams in network sensor deployments and configuration baselines.
• Write and maintain detection test cases.
• Review findings of TI, CERT, and Red Team activities and evaluate from a detection engineering improvement perspective.

Key Responsibilities

• Research data sets and potential IOCs for distribution.
• Run tools/techniques to acquire data.
• Research log sources and data sets.
• Write rules and alert logic.
• Write test processes and procedures for the logic.
• Monitor test output and fix bugs.
• Monitor the system & data health.
• Add global filters to detection logic based on operational feedback.
• Deploy new analytics to existing customers using our deployment pipeline(s).
• Ensure work is up‑to‑date or tracked.

Skills, Knowledge & Expertise Minimum Requirements:

• Proven experience with and understanding of industrial environments and protocols (such as Modbus, S7Comm, S7Comm+, Bacnet, Profinet, DNP3, OPC, MQTT).
• Proven experience and general understanding of detection engineering, tuning and optimisation of detection logic with Suricata, Zeek or vendor platforms (such as Dragos, Nozomi, Claroty, Armis or Darktrace).
• Proven experience in SOC or Managed Detection Services.
• Alternative Path: Proven experience in analytically‑minded IT Systems administration/Network Administration looking for a career change/focus on Security.
• Excellent oral and written communication skills in English.
• Ability to work with client engagement teams and NCC colleagues to continuously improve the service we deliver.
• Good understanding of IT Systems and platforms from a security context.
• A security mindset and demonstrable experience or knowledge of contemporary attack tactics and techniques specific for OT environments.
• Forensics or Incident Response competency would be considered valuable.
• Strong knowledge of the latest threats in security or an eagerness to build this knowledge.
• Experience with simulating attacks.
• Certificates such as CEH and OSCP are not required but are a plus.
• Experience with network detection tools, preferably Zeek, Suricata, Nozomi, Claroty, Armis or Dragos.
• Experience with scripting languages such as PowerShell, Python, Bash.
• Experience with version control (Git, Azure Dev Ops, etc.).
• And has knowledge of one or more of the below:
• Networking fundamentals.
• ICS/SCADA.

Job Benefits

• Flexible Working: Balance your work and personal life with our flexible working options.
• Generous Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave.
• Medicash & Critical Illness Scheme Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance and Share Save Scheme.
• Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities.
• Green Car Scheme: Drive green and save money with our eco‑friendly car scheme.
• Cycle Scheme: Stay fit and healthy with our cycle‑to‑work scheme.
• Special Time Off: Take time off for those big moments in life, such as getting married, entering a civil partnership, becoming a grandparent and welcoming home a new pet.
• Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.